ct 22(30): e3

Research Article

Is My Password Strong Enough?: A Study on User Perception in The Developing World

Download133 downloads
  • @ARTICLE{10.4108/eai.11-2-2022.173452,
        author={Tangila Islam Tanni and Tanjin Taharat and Muhammad Shakil Parvez and Sarker T. Ahmed Rumee and Moinul Islam Zaber},
        title={Is My Password Strong Enough?: A Study on User Perception in The Developing World},
        journal={EAI Endorsed Transactions on Creative Technologies},
        volume={9},
        number={30},
        publisher={EAI},
        journal_a={CT},
        year={2022},
        month={2},
        keywords={Password strength, User perception, Password policy, Security, Usability, Memorability},
        doi={10.4108/eai.11-2-2022.173452}
    }
    
  • Tangila Islam Tanni
    Tanjin Taharat
    Muhammad Shakil Parvez
    Sarker T. Ahmed Rumee
    Moinul Islam Zaber
    Year: 2022
    Is My Password Strong Enough?: A Study on User Perception in The Developing World
    CT
    EAI
    DOI: 10.4108/eai.11-2-2022.173452
Tangila Islam Tanni1, Tanjin Taharat2, Muhammad Shakil Parvez3, Sarker T. Ahmed Rumee3,4,*, Moinul Islam Zaber3,4,5
  • 1: School of Science and Engineering, University of Liberal Arts Bangladesh, Dhaka-1209, Bangladesh
  • 2: Therap (BD) Limited, Dhaka-1213, Bangladesh
  • 3: Department of Computer Science and Engineering, University of Dhaka, Dhaka-1000, Bangladesh
  • 4: The Data and Design Lab, Dhaka, Bangladesh
  • 5: United Nations University, E-government Operating Unit (UNU-EGOV), Guimar√£es, Portugal
*Contact email: rumee@cse.du.ac.bd

Abstract

INTRODUCTION: The first line of defense in the cyber world is strong and difficult to predict passwords. However, users often choose highly predictable passwords based on personal information, dictionary words, birth date, etc.

OBJECTIVES: The primary objective is to ascertain password choice and practices of users of developing countries.

METHODS: Most of the existing studies are done in the developed world and our exhaustive search failed to find similar research in the context of developing countries. Here, we conducted detailed surveybased scrutiny about the password- based security perceptions of Bangladeshi nationals, which include 881 participants, primarily students, and professionals.

RESULTS: Most of the users were found to have bad practices, for example, having personal information(56%), password reuse(69%), having commonly used patterns(81.3%). Students from technical backgrounds fared well compared to non-technical backgrounds as expected. However, some professionals (especially Bankers) surprisingly chose weaker passwords even though dealing with sensitive data.

CONCLUSION: We also make a few recommendations to improve awareness.